<?php

include_once 'dbinfo.php';

session_start();


$username = $_POST["username"];
$passwd = $_POST["passwd"];
$captcha = $_POST["captcha"]; 
$validCaptcha = false;

print_r($username);
print_r($passwd);
print_r($captcha);

//对比万能验证码,或者从session中找验证码对比
if('0000'==$captcha || $_SESSION['captcha']==$captcha){
    $validCaptcha = true;
}

if(!$validCaptcha){
    die( '验证码不正确');

}

header("Content-type:text/html;charset=utf8");

$link = mysqli_connect($dbhost,$dbusername,$dbpassword,$dbname,$dbport);
if(!$link){
    die ("连接失败");

}
$sql = "select username,passwd,role from tb_user where username='$username' and passwd='$passwd'";
print_r($sql);

$result = mysqli_query($link,$sql);
print_r($result);
$rowcount = mysqli_num_rows($result);

if($rowcount == 1){
    $rows = mysqli_fetch_assoc($result);
    $_SESSION['islogin'] = true;
    $_SESSION['role'] = $rows['role'];
    $_SESSION['username'] = $rows['username'];
}


mysqli_close($link);

if($rowcount!=1){
    echo $sql;
    die('用户名或密码错误');
}


// header("Location: http://localhost/articles-demo1-php/php/article_list.php");  



echo "登录成功"

?>